777 CVEs

1 in CISA KEV

schneider-electric Vulnerabilities

CVE security advisories and vulnerability history for schneider-electric.

777

Total CVEs

Published

1

In CISA KEV

Exploited in the wild

20

Public exploits

With known exploit

7.4

Avg CVSS

2011–2026

Overview

schneider-electric has 777 published CVE records since 2011, of which 1 are in CISA's Known Exploited Vulnerabilities catalog and 20 have a known public exploit. The average CVSS base score across scored CVEs is 7.4.

This page aggregates every publicly disclosed vulnerability (CVE) affecting schneider-electric products, with severity breakdowns, the most-affected products, the most common weakness types, and the latest disclosures.

Severity and exploitation

How the CVSS severity of schneider-electric's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical41

High123

Medium82

Low4

527 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

1

One of schneider-electric's CVEs is confirmed exploited in the wild.

Public exploits

20

20 of schneider-electric's CVEs have a known public exploit available.

Most affected products

The schneider-electric products with the most published CVEs.

struxureware data center expert48 CVEs
interactive graphical scada system43 CVEs
modicon m580 firmware41 CVEs
modicon m34041 CVEs
modicon m58040 CVEs
modicon m340 bmxp34202039 CVEs
modicon m340 firmware39 CVEs
modicon m340 bmxp34100033 CVEs

Common weakness types

The CWE weakness categories most often found in schneider-electric CVEs. Follow any weakness for its full explanation.

CNAs that assign these CVEs

The CVE Numbering Authorities that publish schneider-electric CVE records.

Disclosure activity by year

How many schneider-electric CVEs were published each year.

2018

120

2019

87

2020

117

2021

87

2022

117

2023

93

2024

36

2026

10

Latest schneider-electric CVEs

The most recently disclosed vulnerabilities affecting schneider-electric.

Clear Text Storage of Sensitive Information on EcoStruxure™ Machine Expert HVAC
CWE-312
Medium · CVSS 6.8
EPSS 0.0%2026-05-14
Low vulnerability · 2026-04-14
CWE-532
Low · CVSS 2.4
EPSS 0.0%2026-04-14
Medium vulnerability · 2026-04-14
CWE-93
Medium · CVSS 5.3
EPSS 0.1%2026-04-14
Medium vulnerability · 2026-04-14
CWE-1284
Medium · CVSS 5.3
EPSS 0.1%2026-04-14
Medium vulnerability · 2026-04-14
CWE-400
Medium · CVSS 5.3
EPSS 0.1%2026-04-14
Medium vulnerability · 2026-04-14
CWE-307
Medium · CVSS 6.9
EPSS 0.1%2026-04-14
Medium vulnerability · 2026-04-14
CWE-116
Medium · CVSS 6.9
EPSS 0.1%2026-04-14
Medium vulnerability · 2026-04-14
CWE-22
Medium · CVSS 6.9
EPSS 0.0%2026-04-14
High vulnerability · 2026-01-15
CWE-416
High · CVSS 8.4
EPSS 0.0%2026-01-15
High vulnerability · 2026-01-15
CWE-415
High · CVSS 8.4
EPSS 0.0%2026-01-15
Critical vulnerability · 2024-11-13
CWE-862
Critical · CVSS 10.0
EPSS 0.4%2024-11-13
High vulnerability · 2024-11-13
CWE-400
High · CVSS 8.7
EPSS 0.3%2024-11-13

Track new schneider-electric CVEs as they are disclosed and get AI-written analysis and remediation guidance.

Monitor schneider-electric CVEs

Other vendors

Browse vulnerabilities for other tracked vendors.

nuget848 CVEs SAP SE834 CVEs foxitsoftware802 CVEs php783 CVEs oretnom23766 CVEs imagemagick740 CVEs wireshark735 CVEs wordpress734 CVEs

Browse all vendors

Frequently asked questions

Common questions about schneider-electric vulnerabilities.

How many CVEs does schneider-electric have?

schneider-electric has 777 published CVE records since 2011, including 10 in the last two years.

How many schneider-electric CVEs are in CISA KEV?

Yes — 1 of schneider-electric's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.

Which schneider-electric products have the most CVEs?

The schneider-electric products with the most published CVEs are struxureware data center expert, interactive graphical scada system, modicon m580 firmware, modicon m340, modicon m580.

What are the most common weakness types in schneider-electric CVEs?

schneider-electric's CVEs most often map to these CWE weakness types: CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-754 (Improper Check for Unusual or Exceptional Conditions), CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')).

Are there public exploits for schneider-electric vulnerabilities?

Yes — 20 of schneider-electric's CVEs have a known public exploit.

How many critical schneider-electric vulnerabilities are there?

schneider-electric has 41 critical and 123 high-severity CVEs.

What is the average severity of schneider-electric CVEs?

The average CVSS base score across schneider-electric's scored CVEs is 7.4.

References

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track schneider-electric vulnerabilities

Monitor new schneider-electric vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing